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DETAILED ACTION 

This action is responsive to the response to the arguments filed J, 2008. Claims 
1-28, 34-42, 44-53 are pending. 



Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 



2. Claims 1-1,7 18-28, 34-42, and 44-53 are rejected under 35 U.S.C. 102(e) as 
being anticipated by US Patent Pub. 2002/0083342 by Webb et al (hereinafter Webb). 
Webb teaches the invention as claimed including access and registry servers to provide 
secure access to clients (see abstract). 



As per claims 1 , 34 and 39 Webb teaches a method, system and computer- 
executable program code for accessing resources on a private network via an 
intermediary server said method comprising (abstract): 
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receiving a login request from a user for access to the intermediary server 
(abstract; the gateway receives a login request); 

authenticating the user in response to the login request (see abstract; the 
gateway authenticates the client); 

receiving a resource request from the authenticated user at the intermediary 
server (see abstract; the gateway receives a request from the client to access a Web 
server of a device on the network), the resource request requesting a particular 
operation with respect to a resource from the private network (see abstract; the gateway 
receives a request form the client to access a Web server of a device on the private 
network); 

obtaining access privileges for the authenticated user in response to the resource 
request (abstract; the client gets information about its access rights from the gateway); 

determining whether the access privileges for the authenticated user permit the 
authenticated user to perform the particular operation at the private network (devices 
which the user has access to are identified), and 

preventing, by the intermediary server, performance of the particular operation at 
the private network if the access privileges for the authenticated user do not permit the 
authenticated user to perform the particular operation at the private network (user is 
prevented from accessing Web servers for which the user does not have access rights 
by gateway). 
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As per claims 19 and 44, Webb, teaches a method for providing remote access 
to a private network via an intermediary server, said method comprising (abstract): 

receiving a login request from a remote user for access to the intermediary 
server (abstract and summary; the gateway receives a login request); 

determining whether the remote user is permitted access to the intermediary 
server based on the login request (see abstract and summary; the gateway 
authenticates the client); 

granting the remote user access to the intermediary server if remote user is 
permitted access to the intermediary server, the granted access carrying access 
privileges to a portion of the private network (see summary; devices which the user has 
access to are identified); 

receiving a resource request from the remote user at the intermediary server if 
the remote user is granted access to the intermediary server, the resource request 
requesting a particular resource on the private network (see abstract and summary; the 
gateway receives a request from the client to access a Web server of a device on the 
network); 

determining whether the resource request from the remote user is permitted by 
the access privileges (see summary; devices which the user has access to are 
identified) 

supplying the particular resource to the remote user through the intermediary 
server if the resource request from the remote user is permitted by the access privileges 



Application/Control Number: 10/060,792 Page 5 

Art Unit: 2457 

(see abstract and summary; Web server are access by the user if permitted by the 
gateway based on access rights); and 

denying the remote user from access to the particular resource by the 
intermediary server if the resource request from the remote user is not permitted by the 
access privileges (user is prevented from accessing Web servers for which the user 
does not have access rights by gateway). 

As per claim 51 , Win teaches an intermediary server system comprising: 

means for sending a modified resource to a client (see abstract and summary); 

mean for receiving a request for a resource from the client (figure 1 , abstract and 
summary); 

means for forwarding the received request to a remote server through a private 
network (See Fig 1 and abstract and Summary); 

means for receiving the resource from the remote server in response to the 
forwarded request (See Fig 1 and abstract and Summary); 

means for replacing a link in the received resource with a link that points to the 
intermediary server system to obtain the modified resource (see par.008 - 0014); 

means for authenticating the client, the means for authenticating the client 
included in a device that hosts the means for sending the modified resource to the client 
and the means for receiving the request (see par.008 - 0014); and 

means for controlling client access to the requested resource based on 
authentication information and access information (see par.008 - 0014 and Fig. 1) 
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As per claims 2 and 35, Webb teaches a method as recited in claim 1 , wherein 
the particular operation is one of a file access operation or an email operation (see 
abstract). 

As per claim 3 and 36, Webb teaches a method as recited in claim 1 wherein 
said authenticating determines whether the user is authenticated based on an external 
authentication server (Fig 4, and par. 0047). 

As per claim 4, Webb teaches a method as recited in claim 3 wherein the 
external authentication server is within the private network (Fig. 4, and par. 0047). 

As per claims 5, 37 and 52, Webb teaches a method as recited in claims 1 , 34 
and 51 wherein the intermediary server stores the access privileges for a plurality of 
users (abstract and summary). 

As per claim 6, Webb teaches a method as recited in claim 1, wherein the 
intermediary server stores an authentication identifier for each of a plurality of users, the 
authentication identifier identifying an external authentication server to be used to 
perform said authenticating (See abstract and summary). 

As per claim 7, Webb teaches a method as recited in claim 6, wherein the 
external authentication server is within the private network (Fig 1 -5). 
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As per claim 8, Webb teaches a method as recited in claim 7, wherein the 
authentication identifier comprises a network address for the external authentication 
server (Fig 1 -5 and summary). 

As per claim 9, Webb teaches a method as recited in claim 1, wherein the 
resource request is from a client-side application running on a client machine (summary 
and Fig. 1-5). 

As per claim 10, Webb teaches a method as recited in claim 9, wherein the client 
side application is one of a web browser, an email application or a file access 
application (par. 0019-0024). 

As per claim 1 1 , Webb teaches a method as recited in claim 1 , wherein the user 
is a remote user (Fig. 1). 

As per claims 12 and 38, Webb teaches a method as recited in claim 1 , wherein 
the resource request is from a client-side application running on a remote client 
machine (Fig. 1 -5). 

As per claim 13, Webb teaches a method as recited in claim 1, wherein the 
private network is an intranet or other network (Fig 1 and summary). 
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As per claim 14, Webb teaches a method as recited in claim 1, wherein the 
resource request is from a network browser (Fig. 1). 

As per claims 1 5 and 53, Webb teaches a method as recited in claims 1 and 51 , 
wherein said method further comprises: performing the particular operation at the 
private network to determine a response to the resource request if the access privileges 
for the authenticated user permit the authenticated user to perform the particular 
operation at the private network (abstract and summary). 

As per claims 16 and 40, Webb teaches a method as recited in claims 1 and 34, 
wherein the authenticated user has an Internet Protocol (IP) address, and wherein said 
determining if the access privileges for the authenticated user permit the authenticated 
user to perform the particular operation comprises: 

determining whether the access privileges for the authenticated user permit the 
authenticated user to perform the particular operation at the private network (abstract 
and summary); and 

determining whether the IP address is authorized (Fig. 1 -5) 

As per claims 18 and 42, Webb teaches a method as recited in claims 17 and 40, 
wherein the access privileges comprise permitted operations, authorized IP addresses, 
and time-of-day restrictions for a the authenticated user (summary). 
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As per claims 20 and 45, Webb teaches a method as recited in claim 19, wherein 
said supplying the particular resource comprises: 

retrieving the particular resource from a content server (Fig 1); 

modifying at least one URL within the retrieved particular resource (column 1 1 , 
lines 55-67); and 

sending the modified particular resource to the remote user (see summary) 

As per claims 21 , 23, 46 and 48 Webb teaches a method as recited in claim 19 
wherein said supplying the particular resource comprises: 

obtaining a response for the particular resource (abstract); 

modifying the response so that links within the response point to the intermediary 
server (summary); and 

sending the modified response to the remote user (summary). 

As per claims 22 and 47, Webb teaches a method as recited in claim 19, wherein 
said supplying the particular resource comprises: 

determining a host name for a remote server hosting the particular resource 
being requested (summary); 

sending a request for the particular resource to the remote server based on the 
determined host name (Fig. 1-5); and 
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receiving, at the intermediary server, a response to the request from the remote 
server (abstract). 

As per claim 24 and 28, Webb teaches a method as recited in claims 19, wherein 
the private network is an intranet (par. 0022). 

As per claims 25, Webb teaches a method as recited in claims 19, wherein the 
resource request is from a network browser (par.0028). 

As per claims 26 and 49, Webb teaches a method as recited in claims 19 and 34, 
wherein the resource request is from a client-side application operating on a remote 
client machine (Fig. 1-5). 

As per claims 27 and 50, Webb teaches a method as recited in claims 26 and 44 
wherein the client-side application is selected from the group consisting of: a web 
browser, an email application or a file access application (par. 0028 - 0036). 

As per claim 37, Webb teaches a computer readable medium as recited in claim 34 
wherein the intermediary server stores the access privileges for a plurality of users 
(summary), and 
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wherein the intermediary server stores an authentication identifier for each of a 
plurality of users, the authentication identifier identifies an external authentication server 
to be used to perform authentication (Fig. 1 - 5 and summary). 

As per claims 17 and 41 , Webb teaches a method as recited in claim 16 and 40. 
Webb teaches wherein said determining if the access privileges for the authenticated 
user permit the authenticated user to perform the particular operation further comprises: 
determining whether time-of-day restrictions are satisfied (summary and body) 

Extra 

It is noted that any citation to specific, pages, columns, lines, or figures in the 
prior art references and any interpretation of the references should not be 
considered to be limiting in any way. A reference is relevant for all it contains and 
may be relied upon for all that it would have reasonable suggested to one having 
ordinary skill in the art. In re Heck, 699 F.2d 1331, 1332-33, 216 USPQ 1038, 1039 
(Fed. Cir. 1983) (quoting In re Lemelson, 397 F.2d 1006,1009, 158 USPQ 275, 277 
(CCPA 1968)) 

Response to Arguments 

3. Applicant's arguments with respect to claims 1-28, 34-42, 44-53 have been 
considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to SAHERA HALIM whose telephone number is (571)272- 
4003. The examiner can normally be reached on M-F from 8:30-5:00. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on (571 ) 272-4001 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Sahera Halim 
Patent Examiner 
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